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DETAILED ACTION 

1. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 5 
February 2007 has been entered. 

2. This is a non-final office action in response to remarks filed on 5 February 2007. 
Claims 30, 38, and 46 were amended. No claims were canceled or added. Claims 30- 
50 are pending. 

Response to Arguments 

3. Applicant's arguments; with respect to claims30-50 have been considered but are 
moot in view of the new ground(s) of rejection. 

4. Lastly, the use of "authentication methodology" in the claims is very broad. 
Including more detail explaining what this phrase includes would help to make the 
claims more specific. As such, examiner interprets "authentication methodology" to 
include sending a key as described by Shambroom. 
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Summary of Claimed Invention 

5. The claimed invention describes a server first receiving authentication 
instructions from a controlling client computer system, then receiving a request from a 
client to access a service provided by the server and lastly authenticating the client for 
the first time. The invention uses conventional authentication methods, e.g. basic HTTP 
authentication. In the same field of endeavor, the applied references teach the same. 

Claim Rejections - 35 USC § 103 

6. The text of those sections of Title 35, U.S. Code 103 not included in this action 
can be found in a prior Office action. 

7. Claims 30-33, 35, 38-41, 43, and 46-49 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Shambroom (U.S. Patent 5,923.756) in view of Wood et al. 
(U.S. Patent 6,691 ,232), hereafter referred to as Wood. 

8. Regarding claim 30, Shambroom disclosed a method in a server computer of 
authenticating client computer systems, the method comprising: 

receiving from a controlling client computer system an instruction that indicates 
an authentication methodology that is to be used to authenticate a client computer 
system that is a separate computer system from the controlling client computer system 
(The Key Distribution Center 400 sends authentication information to the network server 
300 for authenticating client 200, see fig. 3 #354, col. 8 lines 27-44) 
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after receiving the instruction and before authenticating the client computer 
system, receiving a request from the client computer system to access a service of the 
server computer system (Client sends a request to the destination server 500 prior to 
authorization, see fig. 3 #358, col. 9 lines 1-9); and 

upon receiving the request from the client computer system to access a service 
of the server computer, initially authenticating the client computer system using the 
indicated authentication methodology (The client is authenticated before being 
connected to the destination server, see fig. 3 #360, #362, #364, col. 9 lines 15-45). 

Shambroom did not explicitly disclose wherein the authentication methodology 
being selected from multiple authentication methodologies based on authentication 
abilities indicating authentication methodologies that the client computer supports and 
access rights of the client computer system to access resources, however in a related 
art, Wood disclosed presenting a user with suitable authentication schemes and 
allowing the user to select one (see col. 1 1 lines 36-41). An authentication scheme is 
deemed suitable when it meets or exceeds the required trust level in the current 
environment (see col 1 1 lines 14-23, 31-33). It would have been obvious to one of 
ordinary skill in this art at the time of invention to incorporate Wood's choice of 
authentication methodologies into Shambroom's authentication system to provide more 
details on how a user should be authenticated and thereby further improve system 
security (see Shambroom col. 3 lines 33-35, col. 4 lines 46-61). 
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9. Regarding claim 31, Shambroom-Wood disclosed the instruction indicates that 
multiple authentication methodologies can be used to authenticate the client computer 
system and wherein the client computer system is authenticated using one of the 
indicated authentication methodologies (see Wood col. 1 1 lines 30-67). 

10. Regarding claim 32, Shambroom-Wood disclosed the instruction indicates that 
the authentication methodology is to be used to authenticate multiple client computer 
systems and wherein the multiple client computer systems are authenticated using the 
indicated authentication methodology (see Wood col. 7 lines 35-40 plurality of client 
systems authenticate with the gatekeeper/entry handler component 110). 

11. Regarding claim 33, Shambroom-Wood disclosed the instruction indicates 
multiple authentication methodologies can be used to authenticate multiple client 
computer systems and wherein the multiple client computer systems are authenticated 
using one of the indicated authentication methodologies (see Wood col. 7 lines 35-40; 
coi. 1 1 lines 30-67; the user/client is allowed to choose credential types to be used to 
authenticate to the server, all the users can use a particular method of authentication, 
i.e. certificate authority). 

12. Regarding claim 35, Shambroom-Wood disclosed the authentication 
methodology is a basic HTTP authentication (see Wood col. 12 lines 25-30). 
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13. Regarding claims 38-41 and 43, the claims are rejected for the same reasons as 
the rejections to claims 30-33 and 35 above respectively. 

14. Regarding claims 46-49, the claims are rejected for the same reasons as the 
rejections to claims 30-33 above respectively. 

15. Claims 34, 36-37, 42, 44-45, and 50 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Shambroom-Wood as applied to claims 30, 38, and 49 above, 
further in view of AAPA (Applicant Admitted Prior Art). 

16. Regarding claim 34 and 42, Shambroom-Wood disclosed the invention, 
substantially as claimed, as described in claims 30 and 38, but did not explicitly disclose 
an assertion authentication. 

However, AAPA disclosed assertion methodology is a way of authenticating 
between client and server (see for example AAPA specification pg 3 lines 1-3). It would 
have been obvious to one of ordinary skill in this art at the time of invention to combine 
the teachings of Wood-Lim and AAPA because the teaching of AAPA to allow assertion 
would improve the trust in between the two systems, as both sides agree to trust each 
other initially. Furthermore, Shambroom-Wood's system supports plurality of 
authentication methodologies, it would have been obvious to incorporate assertion 
methods with Shambroom-Wood to improve the functionality of Shambroom-Wood by 
allowing for more choices for authentication. 
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17. Regarding claims 36 and 44, Shambroom-Wood disclosed the invention, 
substantially as claimed, as described in claims 30 and 38, but did not explicitly disclose 
digest authentication. However, AAPA disclosed a digest method (see for example pg 3 
lines 10-22). It would have been obvious to one of ordinary skill in this art at the time of 
invention to combine the teachings of Shambroom-Wood and AAPA, the rationale to 
combine is discussed in claims 34 and 42 above. 

18. Regarding claims 37 and 45, Shambroom-Wood disclosed the invention, 
substantially as claimed, as described in claims 30 and 38, but did not explicitly disclose 
an NTLM authentication. However, AAPA disclosed NTLM authentication method (see 
for example pg 3 lines 23-24). It would have been obvious to one of ordinary skill in this 
art at the time of invention to combine the teachings of Shambroom-Wood and AAPA, 
the rational to combine is discussed in claims 34 and 42 above. 

19. Regarding claim 50, the claim is rejected for the same reasons as the rejection to 
the combination of claims 34-37 and 42-45 above. 

Conclusion 

20. Examiner's Note: Examiner has cited particular columns and line numbers in 
the references applied to the claims above for the convenience of the applicant. 
Although the specified citations are representative of the teachings of the art and are 
applied to specific limitations within the individual claim, other passages and figures 
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may apply as well. It is respectfully requested from the applicant in preparing 
responses, to fully consider the references in entirety as potentially teaching all or part 
of the claimed invention, as well as the context of the passage as taught by the prior art 
or disclosed by the Examiner. 

In the case of amending the claimed invention, Applicant is respectfully 
requested to indicate the portion(s) of the specification which dictate(s) the structure 
relied on for proper interpretation and also to verify and ascertain the metes and bounds 
of the claimed invention. 

21 . Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Angela Widhalm whose telephone number is (571) 272- 
1 035. The examiner can normally be reached M-F, 9:00 am - 5:30 pm. If attempts to 
reach the examiner by telephone are unsuccessful, the examiner's supervisor, Bunjob 
Jaroenchonwanit can be reached on (571) 272-3913. The fax phone number for the 
organization where this application or proceeding is assigned is (571) 273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-2-17-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Angela Widhalm 
Examiner 
Art Unit 2152 
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